cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
36
Views
0
Helpful
0
Replies
Highlighted

Site 2 Site VPN, subnet mask issue

Hi Pals,
 
I've configured a site 2 site tunnel between our Cisco ASA 5510 and Sonicwall NSA 4500, today when i saw the tunnel status, i found one new thing which i couldn't understood.. First below are the details i should share first -
 
Our network 192.168.2.100 /32
Remote 10.10.1.0/24
 
The Tunnel is connecting these networks, now when i running "show crypto isakmp sa"
its showing two entries of traffic 
 access-list outside_27_cryptomap extended permit ip host 192.168.2.98 10.10.1.0 255.255.255.0 
local ident (addr/mask/prot/port): (192.168.2.98/255.255.255.255/0/0)
      remote ident (addr/mask/prot/port): (10.10.1.0/10.10.1.255/0/0)
  #pkts encaps: 0, #pkts encrypt: 0, 
#pkts decaps: 0, #pkts decrypt: 0, 
 
 
 access-list outside_27_cryptomap extended permit ip host 192.168.2.98 10.10.1.0 255.255.255.0 
local ident (addr/mask/prot/port): (192.168.2.98/255.255.255.255/0/0)
      remote ident (addr/mask/prot/port): (10.10.1.0/255.255.255.0/0/0)
  #pkts encaps: 49, #pkts encrypt: 49, #pkts digest: 49
      #pkts decaps: 49, #pkts decrypt: 49, #pkts verify: 49
just wanted to knwo the reason why there are 2 entries for same netowrk, in first entry its showing 10.10.1.255 as mask and what is reason of such behaviour?
 
and kindly eloborate this line remote ident (addr/mask/prot/port): (10.10.1.0/255.255.255.0/0/0) what are addr, mask, prot, port..
 
Please enlighten me.
Thank You 
Pradeep Kashyap